<?php

/**
 * MVM_MALL 网上商店系统  ajax
 * ============================================================================
 * 版权所有 (C) 2007-2010 www.mvmmall.com，并保留所有权利。
 * 网站地址: http://www.mvmmall.com
 * ----------------------------------------------------------------------------
 * 这是一个免费开源的软件；这意味着您可以在不用于商业目的的前提下对程序代码
 * 进行修改、使用和再发布。
 * ============================================================================
 * $Author:  www.mvmmall.com  $
 * $Date: 2008-06-12 $
 * $Id: ajax.php  www.mvmmall.com$
 * ---------------------------------------------
*/

require_once 'include/common.inc.php';

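// AJAX endpoint: one if/elseif chain that dispatches on $action and echoes
// plain text, HTML or JSON.
// NOTE(review): $action and the other inputs ($id, $goods_id, $province, ...)
// are not assigned in this file; presumably include/common.inc.php imports
// them from the request and applies some escaping. Confirm this, because most
// queries below interpolate these values directly into SQL strings.

// Username availability check
if ($action == 'user') {
    if (is_null($id)) {
        echo $lang['intput_member'];
        exit;
    }
    // Trim before measuring, so surrounding whitespace cannot carry a name that
    // is too short past the 4..15 rule. Non-scalar input is treated as empty
    // and rejected by the same length check.
    $id = is_scalar($id) ? trim((string)$id) : '';
    if (strlen($id) < 4 || strlen($id) > 15) {
        echo $lang['member_check'];
        exit;
    }
    $id = dhtmlchars($id);
    // Reject names that contain any of the forbidden substrings in $char_key.
    foreach ($char_key as $value) {
        if (strpos($id, $value) !== false) {
            echo $lang['user_err'];
            exit;
        }
    }
    // NOTE(review): $id is quoted in the query but not visibly SQL-escaped
    // here. Whether a quote can survive depends on dhtmlchars() and on
    // common.inc.php; verify, or switch to the DB layer's escaping.
    $id_list = $db->get_one("SELECT member_id FROM `{$tablepre}member_table` WHERE member_id = '$id'");
    if (!empty($id_list['member_id'])) {
        echo $lang['user_mudb'];
        exit;
    } else {
        echo $lang['user_regok'];
        exit;
    }
}

// Goods attribute form (HTML fragment)
elseif ($action == 'attvalue') {
    $type_id  = (int)$type_id;
    $goods_id = (int)$goods_id;
    echo attr_html($type_id, $goods_id);
}

// Goods search by name or code
elseif ($action == 'searchgoods') {
    // NOTE(review): filtering() is defined outside this file; the LIKE
    // patterns below are only as safe as its quote handling. Confirm.
    $goods_name = filtering($goods_name);
    $query      = "SELECT uid,goods_name,goods_code FROM  `{$tablepre}goods_table` WHERE goods_name LIKE '%$goods_name%' OR goods_code LIKE '%$goods_name%'";
    $arr        = $db->get_all($query);
    require_once MVMMALL_ROOT.'./include/json.class.php';
    $json = new Services_JSON;
    echo $json->encode($arr);
}

// Single goods record with brand, category and attribute data
elseif ($action == 'goods') {
    $goods_id  = (int)$goods_id;
    $arr = $db->get_one("SELECT a.goods_name,a.goods_code,a.uid,a.goods_category,a.goods_brand,a.goods_market_price,a.goods_sale_price,b.brandname,b.id,c.uid AS catid,c.category_name FROM  `{$tablepre}goods_table` a LEFT JOIN `{$tablepre}brand_table` b ON a.goods_brand = b.id  LEFT JOIN `{$tablepre}category` c ON a.goods_category = c.uid  WHERE a.uid='$goods_id'");
    $attval           = goods_att($goods_id);
    $arr['goods_art'] = $attval[0]; // attribute prices
    require_once MVMMALL_ROOT.'./include/json.class.php';
    $json = new Services_JSON;
    echo $json->encode($arr);
}

// Article search by title
elseif ($action == 'article') {
    // NOTE(review): same dependency on filtering() as the goods search.
    $art_title = filtering($art_title);
    $arr       = $db->get_all("SELECT uid,board_subject,headnum FROM  `{$tablepre}bmain` WHERE `board_subject` LIKE '%$art_title%'");
    require_once MVMMALL_ROOT.'./include/json.class.php';
    $json = new Services_JSON;
    echo $json->encode($arr);
}

// Supplier list
elseif ($action == 'supply') {
    // NOTE(review): no permission check is visible in this branch; if supplier
    // names are back-office data, confirm access is restricted in common.inc.php.
    $arr = $db->get_all("SELECT supply_id,supply_company FROM `{$tablepre}supply_table`");
    require_once MVMMALL_ROOT.'./include/json.class.php';
    $json = new Services_JSON;
    echo $json->encode($arr);
}

// CAPTCHA image
elseif ($action == 'code') {
    require_once MVMMALL_ROOT.'./include/captcha.class.php';
    $Captcha = new  Captcha();
    // Custom dimensions are applied only when both are set.
    if ($mm_code_width && $mm_code_height) {
        $Captcha->mCheckImageWidth  = $mm_code_width;
        $Captcha->mCheckImageHeight = $mm_code_height;
    }
    $Captcha->OutCheckImage();
}

// Shipping methods available for a destination
elseif ($action == 'ship') {
    $kg    = floatval($kg);
    $price = floatval($price);
    if (is_numeric($add_id)) {
        // Saved address: the lookup is scoped to the current member.
        // NOTE(review): $m_check_uid is not set in this file; it has to come
        // from the authenticated session, never from request input. Confirm.
        $add_info = $db->get_one("SELECT province,city,id FROM `{$tablepre}address` WHERE member_id='$m_check_uid' AND id='$add_id'");
        $province = trim(dhtmlchars($add_info['province']));
        $city     = trim(dhtmlchars($add_info['city']));
    } else {
        $province = trim(dhtmlchars($province));
        $city     = trim(dhtmlchars($city));
    }
    $arr      = array();
    $province = dhtmlchars($province);
    $city     = dhtmlchars($city);
    if ($province == '') {
        exit;
    }
    // NOTE(review): an empty $city turns the second pattern into LIKE '%%',
    // which matches every region, and % or _ inside the inputs act as wildcards.
    $sql    = "SELECT f.*,ff.* FROM `{$tablepre}ship_table` f LEFT JOIN {$tablepre}area_table  ff ON f.id=ff.ship_id WHERE ff.region LIKE '%$province%' OR ff.region LIKE '%$city%' OR ff.region='全国'";
    $result = $db->query($sql);
    while ($rt = $db->fetch_array($result)) {
        // class_name is a database value that becomes both an include path and
        // a class to instantiate. Accept plain identifiers only, so it can
        // never name a file outside include/shipping/.
        $class_name = (string)$rt['class_name'];
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $class_name)) {
            exit($lang['db_avess']);
        }
        $class_file = MVMMALL_ROOT.'include/shipping/'.$class_name.'.class.php';
        if (!file_exists($class_file)) {
            exit($lang['db_avess']);
        }
        require_once $class_file;
        // NOTE(review): unserialize() on a database column. This is only safe
        // while nothing untrusted can write the shipping config; storing it as
        // JSON would remove the object-injection exposure.
        $rt['config'] = unserialize($rt['config']);
        $rowst        = new $class_name($rt['config']);
        $rt['exes']   = $rowst->exes($kg, $price); // shipping fee
        // A config that failed to unserialize is not an array; skip the scan.
        if (is_array($rt['config'])) {
            foreach ($rt['config'] as $val) {
                if ($val['name'] == 'free_money') {
                    $rt['free_money'] = $val['value'];
                }
            }
        }
        $rs               = array();
        $rs['name']       = $rt['name'];
        $rs['area_id']    = $rt['area_id'];
        $rs['exes']       = currency($rt['exes']);
        $rs['ship_desc']  = $rt['ship_desc'];
        $arr[]            = $rs;
        unset($rs);
    }
    require_once MVMMALL_ROOT.'./include/json.class.php';
    $json = new Services_JSON;
    echo $json->encode($arr);
}

// Shipping fee for the chosen area; the result is stored in the cart session
elseif ($action == 'ship_price' && is_numeric($area_id)) {
    $area_id     = (int)$area_id;
    // NOTE(review): weight and order total arrive with the request, and the fee
    // computed from them is written to the session below. If checkout trusts
    // $_SESSION['cart']['ship_price'], recompute both from the server-side cart.
    $total_kg    = floatval($total_kg);
    $total_price = floatval($total_price);
    $area_rt     = $db->get_one("SELECT f.*,ff.* FROM `{$tablepre}ship_table` f LEFT JOIN `{$tablepre}area_table`  ff ON f.id=ff.ship_id WHERE ff.area_id = '$area_id'");
    // Unknown area id: stop here instead of failing on the require below.
    if (empty($area_rt)) {
        exit($lang['pass_worng']);
    }
    // Same identifier allow-list and file check as the 'ship' branch.
    $class_name = (string)$area_rt['class_name'];
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $class_name)) {
        exit($lang['db_avess']);
    }
    $class_file = MVMMALL_ROOT.'./include/shipping/'.$class_name.'.class.php';
    if (!file_exists($class_file)) {
        exit($lang['db_avess']);
    }
    require_once $class_file;
    // NOTE(review): unserialize() on a database column; see the 'ship' branch.
    $area_rt['config'] = unserialize($area_rt['config']);
    $rowst_ar          = new $class_name($area_rt['config']);
    $rt_price          = $rowst_ar->exes($total_kg, $total_price); // shipping fee
    $_SESSION['cart']['ship_id']    = $area_id;
    $_SESSION['cart']['ship_price'] = floatval($rt_price);
    $_SESSION['cart']['ship_name']  = $area_rt['name'];
    require_once MVMMALL_ROOT.'./include/json.class.php';
    $json = new Services_JSON;
    echo $json->encode($rt_price);
}

// Packaging fee; the result is stored in the cart session
elseif ($action == 'pack_price' && is_numeric($casing_id)) {
    $casing_id   = (int)$casing_id;
    // NOTE(review): the order total that decides whether packaging is free
    // comes from the request; recompute it server-side if checkout relies on
    // $_SESSION['cart']['pack_price'].
    $total_price = floatval($total_price);
    $pack_rt     = $db->get_one("SELECT fee,price,id,name FROM `{$tablepre}pack` WHERE id='$casing_id'");
    // Packaging is free once the order total exceeds the pack's fee threshold.
    $pack_rt['price'] = ($total_price > $pack_rt['fee']) ? 0.00 : $pack_rt['price'];
    $_SESSION['cart']['pack_price'] = floatval($pack_rt['price']);
    $_SESSION['cart']['pack_name']  = $pack_rt['name'];
    require_once MVMMALL_ROOT.'./include/json.class.php';
    $json = new Services_JSON;
    echo $json->encode($pack_rt['price']);
}

// Invoice tax amount, stored in the cart session
elseif ($action == 'cess' && isset($cess_price)) {
    // NOTE(review): this amount is taken from the request as-is (only cast to
    // float, negative values included). If it feeds the order total, derive it
    // server-side from the cart and the configured tax rate instead.
    $_SESSION['cart']['cess_price'] = floatval($cess_price);
}

// One saved address of the current member
elseif ($action == 'address' && is_numeric($add_id)) {
    // NOTE(review): ownership is enforced only by member_id='$m_check_uid';
    // confirm that value is set by the login/session layer.
    $add_info = $db->get_one("SELECT * FROM `{$tablepre}address` WHERE member_id='$m_check_uid' AND id='$add_id'");
    require_once MVMMALL_ROOT.'./include/json.class.php';
    $json = new Services_JSON;
    echo $json->encode($add_info);
}

// Unknown action or missing parameter
else {
    exit($lang['pass_worng']);
}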


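/**
 * Load the attribute definitions of one attribute type, joined with the values
 * stored for one goods item.
 *
 * Uses the global database handle $GLOBALS['db'] and table prefix
 * $GLOBALS['tablepre'].
 *
 * @param mixed $cat_id   Attribute type id. When empty, the uid of the first
 *                        row of the att_type table is used instead.
 * @param mixed $goods_id Goods id whose stored values are joined in.
 * @return array Rows ordered by a.sort_order, a.id, v.att_id; an empty array
 *               when the query yields nothing.
 */
function attr_list($cat_id, $goods_id = 0) {
    if (empty($cat_id)) {
        // get_one() hands back a row (this file reads its results by column
        // name), so the id has to be taken from the uid column. intval() of
        // the row array itself would always evaluate to 1.
        $first  = $GLOBALS['db']->get_one("SELECT uid FROM " .$GLOBALS['tablepre'].'att_type'." LIMIT 1");
        $cat_id = (is_array($first) && isset($first['uid'])) ? $first['uid'] : 0;
    }

    // Both ids are forced to integers here, so the query stays safe even when
    // a caller forgets to cast its input.
    $type_id  = intval($cat_id);
    $goods_id = intval($goods_id);

    // Attribute definitions of the type (plus the shared type 0) and, where
    // present, the value and price stored for this goods item.
    $sql = "SELECT a.id,a.type_id,a.att_name,a.input_type,a.att_type,a.sort_order,a.att_value AS attr_values, v.att_value, v.att_price,v.att_id ".
            "FROM " .$GLOBALS['tablepre'].'attribute'. " AS a ".
            "LEFT JOIN " .$GLOBALS['tablepre'].'att_value '. " AS v ".
            "ON v.bute_id = a.id AND v.goods_id = '" . $goods_id . "' ".
            "WHERE a.type_id = " . $type_id ." OR a.type_id = 0 ".
            "ORDER BY a.sort_order,a.id,v.att_id";

    // Start from an empty list so callers can always iterate the result.
    $row    = array();
    $result = $GLOBALS['db']->query($sql);
    while ($rt = $GLOBALS['db']->fetch_array($result)) {
        $row[] = $rt;
    }
    return $row;
}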

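/**
 * Render the attribute editing form for one goods item as an HTML table.
 *
 * Every row returned by attr_list() becomes one <tbody>: a label cell with the
 * attribute name, a hidden att_id[] field, an att_value[] control chosen by
 * input_type (0 = text input, 2 = textarea, anything else = select built from
 * the attribute's attr_values list), and an att_price[] field that is visible
 * only when att_type is 1.
 *
 * All database values are HTML-escaped before they are placed in the markup.
 *
 * @param mixed $cat_id   Attribute type id, passed through to attr_list().
 * @param mixed $goods_id Goods id, passed through to attr_list().
 * @return string The complete <table> markup.
 */
function attr_html($cat_id, $goods_id = 0) {
    $attr = attr_list($cat_id, $goods_id);
    // attr_list() may yield a non-array when there are no rows; render an
    // empty table in that case.
    if (!is_array($attr)) {
        $attr = array();
    }

    $html = '<table width="100%" id="attrTable">';
    $spec = 0; // id of the last att_type 1 attribute seen
    foreach ($attr as $key => $val) {
        // Escape everything that comes from the database. The id is placed in
        // a single-quoted attribute, so it is reduced to an integer; the name
        // and price are escaped including both quote styles.
        $att_id    = intval($val['id']);
        $att_name  = htmlspecialchars((string)$val['att_name'], ENT_QUOTES);
        $att_price = htmlspecialchars((string)$val['att_price'], ENT_QUOTES);
        $att_value = htmlspecialchars((string)$val['att_value']);

        $html .= "<tbody id=\"attachbody$key\"><tr><td class='label'>";
        if ($val['att_type'] == 1) {
            // The first row of an attribute gets [+]; repeated rows of the same
            // attribute (several stored values) get [-].
            $html .= ($spec != $val['id']) ?
                "<a href='javascript:;' onclick='addSpec(this)'>[+]</a>" :
                "<a href='javascript:;' onclick='removeSpec(this)'>[-]</a>";
            $spec = $val['id'];
        }

        $html .= "$att_name</td><td><input type='hidden' name='att_id[]' value='$att_id' />";

        if ($val['input_type'] == 0) {
            $html .= '<input name="att_value[]" type="text" value="' . $att_value . '" size="40" /> ';
        } elseif ($val['input_type'] == 2) {
            $html .= '<textarea name="att_value[]" rows="3" cols="40">' . $att_value . '</textarea>';
        } else {
            $html .= '<select name="att_value[]">';
            $html .= '<option value="">请选择...</option>';
            $current     = trim($att_value);
            $attr_values = explode("\r", $val['attr_values']);
            foreach ($attr_values as $opt) {
                $opt = trim(htmlspecialchars($opt));

                // Strict comparison: with != two numeric-looking strings such
                // as "1" and "1.0" compare equal and both would be selected.
                $html .= ($current !== $opt) ?
                    '<option value="' . $opt . '">' . $opt . '</option>' :
                    '<option value="' . $opt . '" selected="selected">' . $opt . '</option>';
            }
            $html .= '</select> ';
        }

        $html .= ($val['att_type'] == 1) ?
            '属性价格 <input type="text" name="att_price[]" value="' . $att_price . '" size="5" maxlength="10" />' :
            ' <input type="hidden" name="att_price[]" value="0" />';

        $html .= '</td></tr></tbody>';
    }

    $html .= '</table>';

    return $html;
}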

